Uploaded image for project: 'Ignite'
  1. Ignite
  2. IGNITE-12540

Update versions of vulnerable dependencies

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 2.8
    • general, hibernate, rest, spring
    • None
    • Increase minor dependency version for spring-data, spring modules and jetty, jackson, beanutils dependencies.

    Description

      Let's bump some crucial dependencies to their latest minor versions and try to include it in 2.8 also.

      spring 4 and 5, spring data, hibernate, jetty, jackson-databind.

      Lesser-used packages, notable Zk discovery, are not affected.

      Attachments

        Issue Links

          is duplicated by

          Wish - General wishlist item. IGNITE-12129 Upgrade spring-5.0.X and spring-data-2.0.X dependencies to latest versions

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #7260

          Web Link Ignite Developers maillist discussion

          Activity

            People

              ilyak Ilya Kasnacheev
              ilyak Ilya Kasnacheev
              Vladimir Pligin Vladimir Pligin
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h